Archive for the ‘Spam’ Category

Cleaning out WPMU Splogger spammers like the friendly folk @uk-search-guide.co.uk and internet-guider.co.uk Apr 4 2006

The friendly folk who own the uk-search-guide.co.uk and internet-guider.co.uk domains are spammers who’ve been registering on one of my WordPress Multi-User installations and creating automated splogs (spam blogs).

I just deleted over 300 of their sites. They are like kudzu.

Things that might help if your site is getting spammed by someone like this:

  1. Block the IPs that they are using. In this case, they have been using 3 IP addresses:

    202.47.247.116
    217.160.171.20
    202.47.247.138

    I blocked them using cPanel’s IP Block manager function, but you could also do it with an Apache .htaccess file.

  2. Delete all the spam blogs that have been created. Go to Site Admin > Blogs to delete them.
  3. Delete all the users that now have no blogs associated and that have the common spammer email address.

You have to kill splogs dead. This is a major issue for people who run WordPress MU installations.

Spam, spam, lovely spam Nov 12 2005

Spam, spam, lovely spam

Send us your funny spam and we’ll publish it. And make fun of it.

🙂

10.0 points worth of spam :) Nov 8 2005

Man, I REALLY REALLY hope that I get the “Nine Million United States Dollars Only” promised.

So, first of all, queue up MC Frontalot’s Message No. 419 (mp3), then read on… 🙂


Spam detection software, running on the system “dc2-web9.assortedinternet.com”, has identified this incoming email as possible spam. The original message has been attached to this so you can view it (if it isn’t spam) or label similar future email. If you have any questions, see the administrator of that system for details.


Content preview: Woodman Chambers 136 Lonsdale Road Barnes London SW13 I
prefer that you send your reply to:
barresterthomaswoodman001@yahoo.co.uk Hello , […]


Content analysis details: (10.0 points, 5.0 required)

pts rule name description
—- ———————- ————————————————–
0.2 FROM_HAS_ULINE_NUMS From: contains an underline and numbers/letters
1.2 SUBJ_ALL_CAPS Subject is all capitals
1.6 MILLION_USD BODY: Talks about millions of dollars
0.3 MAILTO_TO_SPAM_ADDR URI: Includes a link to a likely spammer email
0.0 HTML_MESSAGE BODY: HTML included in message
1.3 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net
[Blocked – see ]
3.0 ADVANCE_FEE_4 Appears to be advance fee fraud (Nigerian 419)
1.8 ADVANCE_FEE_3 Appears to be advance fee fraud (Nigerian 419)
0.6 ADVANCE_FEE_2 Appears to be advance fee fraud (Nigerian 419)
0.0 ADVANCE_FEE_1 Appears to be advance fee fraud (Nigerian 419)

The original message was not completely plain text, and may be unsafe to open with some email clients; in particular, it may contain a virus, or confirm that your address can receive spam. If you wish to view it, it may be safer to save it to a file and open it with an editor.

Subject:
FROM WOODMAN CHAMBERS DESK
From:
thomos woodman <p;t_woodman03@yahoo.co.uk>
Date:
Tue, 8 Nov 2005 14:40:20 +0000 (GMT)
To:
barresterthomaswoodman001@yahoo.co.uk

Woodman Chambers
136 Lonsdale Road
Barnes
London SW13

I prefer that you send your reply to: barresterthomaswoodman001@yahoo.co.uk

Hello ,

First I must introduce myself as Barr. Thomas Woodman residing here in London United Kingdom. I have written you with the intention of doing a very honest deal
with you. I will however need to be careful in our first meeting because I am fully aware of a lot of insincere deals going on these days so I await to hear from you before we discuss the details of the transaction.

In summary, its involved with a late client who happens to share the same surname with you. I cannot be sure at this time but by any chance, you may or may not be his relative but since he died without leaving any next of kin to the fund deposit with the Global Financial Networks in Amsterdam – Holland. I am only concerned with getting the deposit out through your help. I am willing to associate you with the fund claim so that they will not confiscate the deposit due to lack of a beneficiary from this end.

For quite some time now, I have been receiving series of correspondences from the finance house hence I decided to find a way and pull the deposited fund out. This is why I need your consent to present you as the beneficiary. The total deposit amounts to US$9Million (Nine Million United States Dollars Only).

I need to know if you are willing and able to cope with the deal? If this is so, let me have your details and we can discuss better. I assure you that every part of this deal will be secured as I have the capability of getting legal coverage from the British High Court of Justice to back up our claims. You will also be entitled to a reasonable share of the fund after we claim it so I will like to hear from you as quickly as possible.

Please, I prefer that you respond to my privatemailbox: barresterthomaswoodman001@yahoo.co.uk
for more confidentiality.

Awaiting to hear from you urgently.

Regards,
Barr. Thomas Woodman

How much free photo storage do you get? Store your holiday snaps for FREE with Yahoo! Photos. Get Yahoo! Photos

Just in case you couldn’t tell, this IS spam, scam and fraud, do not respond.

See this thread if you want more info about spams like these.

Confessions of a reformed WordPress mesothelioma blog spammer Oct 20 2005

Update:
Just to be explicitly clear, I am not now, and have never been, an email spammer, a blog comment spammer, or any other kind of spammer other than what I describe in this post. I originally created the site described here as an experiment in trying to auto-populate a supposed high-value keyword website with posts to see if it would make any money. That experiement worked, but the resulting site (which I would describe as a spam blog or splog or whatever you want to call it) was not very interesting, and I realized that it was a BAD THING to keep it around, even if it did make a whole $10.00. I appologize, I’m sorry, I don’t want the kittens to die.

This is the abbreviated version of my attempted and somewhat misguided career as a blog spammer. NOT a blog comment spammer, no way. This was all about creating a WordPress site, then filling it with content that didn’t add really any value to the Internet.

But tonight, I shut the blog down and made this page instead:
All About Mesothelioma – Information about mesothelioma and possible treatment options.

Isn’t this still spam? Well, yes, and yes/no. I would say it is reformed spam. Maybe. It is really just aggregating entries from around the blogosphere (much like Technorati and a bunch of other sites do).

The story:
I had WordPress auto feeding on a number of feeds. Over the course of a little over a year, the site collected over 66k posts all based on the keyword mesothelioma. This really offered nothing interesting or good to the internet, just basically your typical spam blog I guess. Then, after feeling guilty after reading about the ping server problem with spamming blogs, I turned off the ping notification. It was never my intention to harm anyone or anything. More like, see if I could make a quick buck.

Finally tonight I killed the WordPress part of the site. It was hammering the server (although the hardware problem we had yesterday was a different issue) but churning through 66k of posts was killing mysql on our VPS. So, I made this page to go there instead. Doesn’t hit the database, just sits there, feeding on Google’s news feed and displaying Google ads.

Why mesothelioma, you ask? Just Google for “mesothelioma high value keyword” and you’ll see why. If you think you’d want to give it shot for yourself, though, you might not want to waste your time.

This is approximately what I actually made between February 12, 2004 – October 20, 2005: ~$10.00 total, based on around a total of 760 impressions and ~18 clicks. Being a little vague to try to comply with Google’s TOS for Adsense.

So. I would say, in addition to feeling much better about not having the sites up, I feel like I can say that overall, my wordpress spamming blog career did not actually amount to anything worth trying again. Will I leave this site up as-is now (basically 1 index.php page with some RSS feeds dumping into it)? Yes, mostly to see if it makes any difference now.

Anyways, the lesson that I learned and you should too: don’t spam.

God kills a kitten every time you do.

WordPress comment spam solutions Oct 7 2005

So, figured it was time to kill the comment spam. So I installed these two packages and so far, no spam has gotten through. Yay! 🙂

Both installed super easy, and already after 1 minute Spam Karma 2 caught 2 spam comments. I’ve got almost 12,000 spam comments in my database. Dang.

14.7 points on the SpamAssassin is pretty darn good! May 13 2005

So, SpamAssassin is pretty good at detecting spam. Like, for example, this excellent!!! offer. 14.7 points? That’s wicked high! Good job guys.

Spam detection software, running on the system “dc2-web9.assortedinternet.com”, has identified this incoming email as possible spam. The original message
has been attached to this so you can view it (if it isn’t spam) or label
similar future email. If you have any questions, see
the administrator of that system for details.

Content preview: Dear Friend, REQUEST FOR URGENT CONFIDENTIAL BUSINESS
PROPOSAL After due deliberation with my colleagues, I decided to
forward this proposal. We want a reliable person who could assist us
to transfer the sum of Thirty Million United States Dollars (US$30,000,
000.00) into your account. […]

Content analysis details: (14.7 points, 5.0 required)

pts rule name description
—- ———————- ————————————————–
0.1 FORGED_RCVD_HELO Received: contains a forged HELO
0.4 SUBJ_ALL_CAPS Subject is all capitals
0.0 URG_BIZ BODY: Contains urgent matter
0.8 DEAR_FRIEND BODY: Dear Friend? That’s not very dear!
2.2 NA_DOLLARS BODY: Talks about a million North American dollars
0.4 US_DOLLARS_3 BODY: Mentions millions of $ ($NN,NNN,NNN.NN)
1.3 MILLION_USD BODY: Talks about millions of dollars
1.8 RCVD_IN_BL_SPAMCOP_NET RBL: Received via a relay in bl.spamcop.net
[Blocked – see ]
1.1 RCVD_IN_SBL RBL: Received via a relay in Spamhaus SBL
[81.199.6.62 listed in sbl-xbl.spamhaus.org]
0.5 NIGERIAN_BODY2 Message body looks like a Nigerian spam message 2+
1.9 NIGERIAN_BODY3 Message body looks like a Nigerian spam message 3+
2.9 NIGERIAN_BODY1 Message body looks like a Nigerian spam message 1+
1.4 NIGERIAN_BODY4 Message body looks like a Nigerian spam message 4+

As you can see, they are watching out for you. But, if you _must_ still check out the offer, it is below. 🙂

Subject:
REQUEST FOR URGENT CONFIDENTIAL BUSINESS PROPOSAL
From:
“Dr.John Ebere” < drjohnxebere@tiscali.dk >
Date:
Fri, 13 May 2005 12:13:11 +0100
To:
drjohnxebere@tiscali.dk

Dear Friend,
REQUEST FOR URGENT CONFIDENTIAL BUSINESS PROPOSAL

After due deliberation with my colleagues, I decided to forward this proposal.
We want a reliable person who could assist us to transfer the sum of Thirty
Million United States Dollars (US$30,000,000.00) into your account.

This fund resulted from an over-invoced bill from contract awarded by us
under the budget allocation to my ministry and the bill was approved for
payment by the concerned ministries. The contract has been executed, commissioned
and the contractor was paid the actual cost of the contract. we are left
with the balance of US$30,000,000.00 as part of the over-invoiced amount,
which we have deliberately over estimated, for our own I am contacting you
to be our custodian for this fund.

1. 20% for you (Account Owner)
2. 70% for us
3. 10% for Tax, as may required by our Government and yours.

As you may want to know and to make you less curious,I got your address
from adverts, in business directory that protrayed your establishment in
good light. I am the Secretary of the Contract Awarding Committee (CAC)of
the Nigerian National Petroleum Corporation (NNPC). This transaction is
very much free from all sorts of RISK and TROUBLE from my Government.

We have been exercising patience for this opportunity for so long and to
most of us this is a life time opportunity we cannot affford to miss. To
get this fund paid into your account, we have to present a Payment Invoice
from a foreign establishment like yours. With this invoice, we will seek
approval to transfer the fund within 14 banking days through the APEX BANK
to your designatd Bank Account.

I and one of my colleague involved in this deal will come to your country
to arrange for our share upon the confirmation from you that the money has
been credited into your nominated Bank Account. Consequently upon your acceptance
of my proposal,kindly confirm your interest by revert mail to the above
e/mail address It will surprise you why we choose you and trusted you for
this transaction. Yes, we believe that good friends can be discovered and
business like this cannot be realized without trust. This is why we have
decided to trust you for this transaction. we are looking forward to doing
this transaction with you.

Be further informed that everyone’s interest and security had been considered
before you were contacted. So be rest assured and feel free to go into this
transaction with us. But let honesty be our watch word throughout this transaction
and your prompt reply will be highly appreciated.

Best regards,

Dr.John Ebere.

NOTE ON ACCEPTANCES OF THIS PURPOSAL LET ME HAVE YOUR PHONE AND FAX NUMBER
IMMEDIATELY TO ENABLE US HAVE ORAL DISCUSSION.
THANK YOU!

Man. I wish I could get some ORAL DISCUSSION. Or… something like that…. 🙂

APPEAL FOR URGENT ASSISTANCE. Mar 24 2005

Please, please, if anyone can Micheal get his ten million,five hundred thousand United State Dollars.US$10,500,000 dollars into their own bank account, sounds like he really needs the help.

Oh and, before you call or email him, you might want to listen to this: MESSAGE No. 419 by MC Frontalot.

APPEAL FOR URGENT ASSISTANCE.

Dear,

With due respect and with GOD all thing are
possible that is why I call for help to please Permit
me to inform you of my desire of going into business
relationship with you. I got your contact from foreign trade bussiness chember.

I prayed 7 days prayer over it and selected your name
among other names due to its esteeming nature and there
commendations given to me as a reputable and trust
worthy person that I can do business with and by the
recommendation , I must not hesitate to confide in you
for this simple and sincere clean business 100% risk
free assurance and I will like you to know that all
neccesery arrengement have been ready.

(more…)

AdamBrewer.com – SPAMMMMMMMARR!!! Dec 21 2004

FUCKING SPAMMER
(Image intentionally stretched so he looks fat. hehhehe…)

So, I received this lovely email in my @yahoo.com:

Dear Customer,

Thank you for your recent purchase from Adam Brewer & Associates.
Your order has been processed and credit card charged of $79.95.

Order information:
Item: 2 X CD “All Network Tools PRO, v3.1”
Shipping: DHL ($9.90 per item)
Payment method: Credit (Debit)CARD
Order date: 3:04 PM 11/26/2004
Processed: 3:39 PM 11/26/2004
Processor Gateway: InterLink Inc.
Total price: $79.95 (including shipping & handling)

Please visit our site to check delivery status –
http://www.adambrewer.com

Feel free to contact us if you have any questions.
Adam Brewer & Associates.
http://www.adambrewer.com

___________________________________________________________________
This is an automated e-mail confirmation. Please do not reply.

To remove yourself from this list Click This Link

Looks like it is deceptively linking to Adam here. Nice move, mr. photo dude. FUCKING SPAMMMMMMMER. Dude, that is SERIOUSLY lame.

AdamBrewer.com

Adam Brewer – Adam has been coaching and training athletes nationally and internationally for the past 12 years. He began his coaching career in 1990 while attending Emory University, where he was program director for the adidas Tennis Camp. Upon graduating with a B.A. in Psychology, he continued his academic pursuits at The Ohio State University, where he received an M. A. in Sport Management. While in graduate school, Adam trained under Marty Riessen, 3-time Grand Slam Champion, in advanced coaching methods for top-level tennis players. From there he went on to develop the training program for the Elite Junior Squads at The David Lloyd Clubs in London, England. Presently, he runs Adam Brewer Training in Los Angeles, an independently operated coaching and training business.

Adam is recognized as one of the fittest coaches in the industry, most recently having been featured on the cover of Runner’s World magazine. As a player he was an Academic All-American at #1 singles and doubles at Emory University, where he achieved an NCAA National singles ranking of #17 and doubles ranking of #9. In soccer, Adam was a four year starter, 2-time National Soccer Championship participant, GTE Academic All-American, and 3-time University Athletic Association’s Athlete of the Week.

Looks like this was most likely sent by these guys: List King Pro.

Anti-Spyware Test (Guide) Nov 23 2004

Anti-Spyware Test (Guide)

Overview

As the the threat of “spyware” and “adware” has escalated over the past few years, the number of “anti-spyware” scanners available on the Net has grown equally fast. At present there are over 100 anti-spyware scanners available for download — some for free, some for pay. Spyware and adware are themselves complex enough to prove bewildering to most average users, however. So confusing in fact is the threat of spyware and adware that users often have trouble distinguishing effective anti-spyware scanners from less effective ones. Although a number of “tests” of anti-spyware scanners have been reported on the Net, many if not most of those tests are of limited value because the design, methodology, and execution of the tests is not fully and publicly documented, leaving even experienced users and experts to wonder just how meaningful those tests really are. Still worse, some of those “tests” are touted by webmasters who are affiliates for the companies whose products were “tested.”

The tests documented on these pages are intended to partially remedy these several problems with our knowledge of anti-spyware scanners and how well they perform. At present, there are three groups of tests documented here.

Users looking for a short list of recommendations for anti-spyware products can find such a list HERE. For a more comprehensive list of anti-spyware products, see HERE. And if your PC is already overrun with spyware or adware, see my tips for what to do HERE.

Via Slashdot.

Subject: URGENT AND CONFIDENTIAL Nov 8 2004

Alrighty then! Today is my lucky day!!! Thanks, MUSA!

FROM: MUSA WILLIAM
11,Greenville Street
Sandton South Africa
TEL: +27-83349-3003

ATTN: McVey,

I am Musa William the son of late PRINCE Dan William who was murdered as a
result of the land dispute/reform in ZIMBABWE. I got your contact during my
search for reliable and compitent foreigner to assist us in a confidential
financial transaction, then I decided to write you. My late father was among
the few black Zimbabwean rich farmers murdered in cold blood by the agent of
the ruling government of PRESIDENT ROBERT MUGABE for his alleged Financial
support and sympathy for Zimbabwean Opposition Party,Movement for Democratic
Change(MDC). Before the death of my father, he took me to South Africa to
deposit the sum of TWELVE MILLION UNITED STATE DOLLARS ($12M. USD) with a
security and financial company, as if he for saw thelooming dangers in
Zimbabwe. The money was depositedas a his personal belongings to avoid much
dumourage
from the security firm. The money was earmarked for the purchase of new
machinery and the establishment of new farms in Lesotho and Swaziland.’

This land problems arose when president ROBERT MUGABE introduced a new land
Act,Which wholly affected the white rich farmers and some few opposition
blacks vehemently condemned the new land reform Act adopted by the
government.This resulted to rampant killing and mob actions. I and my family
who are currently staying in South Africa as refugees or asylum seekers have
decided to contact your person for assistance to transfer the money to your
country or the account you may wish to provide for us where we can invest
it. I am faced with the dilemma of claiming/investing this amount of money
in South Africa for fear of encountering the same experience in future since
both countries have the same political history. Moreover,the South African
monetary policy/law does not allow such investment hence I am seeking for an
asylum. I must let you know that this business is 100% risk free and the
nature of your business does not necessary matter.

So, if you are willing to assist my family move out this fund as well as
invest it wisely in your country
his money, I and my family have agreed to go into partnership with you after
the successful transfer of
this fund to your account or country or you take 25% of the total money, 70%
will be for our family while the remaining 5% will be mapped out for all
expenses we may incure during the transaction.
Therefore, if you are capable and interested to render the needed
assistance, endeavour to reply through my e-mail address or the above
number. I also need your private phone and fax number for easy and better
communication.

Remember that this Transaction is highly confidential mostly for the safety
of our lives here in south Africa. Expecting your reply soonest.

Best Regards,

MUSA WILLIAM



sell diamonds